/**
 * @开发版权 zhous
 * @项目名称 CEServer
 * @版本信息 v1.0
 * @开发人员 zhous
 * @开发日期 2021-07-17
 * @修订日期
 * @描述  ShiroRealm 
 */
package com.earth.c.plugins.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.jfinal.kit.StrKit;

import lombok.extern.slf4j.Slf4j;

@Slf4j
public class ShiroRealm extends AuthorizingRealm {

	/**
	 * 认证回调函数,登录时调用.
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		CaptchaUsernamePasswordToken authcToken = (CaptchaUsernamePasswordToken) token;
		String username = authcToken.getUsername();

		if (StrKit.isBlank(username)) {
			throw new AuthenticationException("账号不可以为空!");
		}
		
		log.debug("登录验证用户.");
		if(StrKit.equals("admin", "admin")) {
			String password = String.valueOf(authcToken.getPassword());
			return new SimpleAuthenticationInfo(new SimpleUser("admin","admin","管理员"),password, getName());
		}else {
			throw new IncorrectCredentialsException("用户名或密码错误!");
		}
	}

	/**
	 * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用.
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

		SimpleUser simpleUser = (SimpleUser) principals.fromRealm(getName()).iterator().next();
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
		if (null == simpleUser) {
			return authorizationInfo;
		}

		return authorizationInfo;
	}

	/**
	 * 重写方法,清除当前用户的的 授权缓存
	 * 
	 * @param principals
	 */
	@Override
	public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
		super.clearCachedAuthorizationInfo(principals);
	}

	/**
	 * 重写方法，清除当前用户的 认证缓存
	 * 
	 * @param principals
	 */
	@Override
	public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
		super.clearCachedAuthenticationInfo(principals);
	}

	@Override
	public void clearCache(PrincipalCollection principals) {
		super.clearCache(principals);
	}

	/**
	 * 自定义方法：清除所有 授权缓存
	 */
	public void clearAllCachedAuthorizationInfo() {
		getAuthorizationCache().clear();
	}

	/**
	 * 自定义方法：清除所有 认证缓存
	 */
	public void clearAllCachedAuthenticationInfo() {
		getAuthenticationCache().clear();
	}

	/**
	 * 自定义方法：清除所有的 认证缓存 和 授权缓存
	 */
	public void clearAllCache() {
		clearAllCachedAuthenticationInfo();
		clearAllCachedAuthorizationInfo();
	}

	public void clearCachedAuthorization() {
		clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals());
		clearCache(SecurityUtils.getSubject().getPrincipals());
	}

}